
Revision 20075, 3.4 KB checked in by zacheiss, 21 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r20074, which included commits to RCS files with non-trunk default branches.
/*    taint.c
 *
 *    Copyright (C) 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 *    2000, 2001, 2002, by Larry Wall and others
 *
 *    You may distribute under the terms of either the GNU General Public
 *    License or the Artistic License, as specified in the README file.
 *
 */

/*
 * "...we will have peace, when you and all your works have perished--and
 * the works of your dark master to whom you would deliver us.  You are a
 * liar, Saruman, and a corrupter of men's hearts."  --Theoden
 */
16
17#include "EXTERN.h"
18#define PERL_IN_TAINT_C
19#include "perl.h"
20
/*
 * Perl_taint_proper: act on a taint violation.
 *
 * f  - printf-style format containing two %s conversions; they are filled
 *      with s and with a " while running ..." suffix describing why taint
 *      checks are on.  NULL selects the generic PL_no_security message.
 * s  - text naming the offending operation or value, e.g. "$ENV{PATH}".
 *
 * Does nothing unless PL_tainted is set.  When it is, the message is fatal
 * (Perl_croak) unless PL_unsafe or PL_taint_warn (the -t switch, per the
 * suffix text) is in effect, in which case it becomes a WARN_TAINT warning
 * that is emitted only if that warning category is enabled.
 */
void
Perl_taint_proper(pTHX_ const char *f, const char *s)
{
    const char *suffix;

#if defined(HAS_SETEUID) && defined(DEBUGGING)
    /* DEBUG_u trace: "<s> <PL_tainted> <uid> <euid>".  A one-byte Uid_t is
     * widened to UV, anything larger to IV, so the format always matches. */
#   if Uid_t_size == 1
    {
        const UV real_uid = PL_uid;
        const UV eff_uid  = PL_euid;

        DEBUG_u(PerlIO_printf(Perl_debug_log,
                              "%s %d %"UVuf" %"UVuf"\n",
                              s, PL_tainted, real_uid, eff_uid));
    }
#   else
    {
        const IV real_uid = PL_uid;
        const IV eff_uid  = PL_euid;

        DEBUG_u(PerlIO_printf(Perl_debug_log,
                              "%s %d %"IVdf" %"IVdf"\n",
                              s, PL_tainted, real_uid, eff_uid));
    }
#   endif
#endif

    if (!PL_tainted)
        return;

    if (!f)
        f = PL_no_security;

    /* Tell the user which taint trigger is in force, most specific first:
     * a uid/gid mismatch implies taint mode regardless of any switch. */
    if (PL_euid != PL_uid)
        suffix = " while running setuid";
    else if (PL_egid != PL_gid)
        suffix = " while running setgid";
    else if (PL_taint_warn)
        suffix = " while running with -t switch";
    else
        suffix = " while running with -T switch";

    /* Fatal by default; downgraded to a (possibly suppressed) warning only
     * when the interpreter was explicitly told to be lenient. */
    if (!PL_unsafe && !PL_taint_warn)
        Perl_croak(aTHX_ f, s, suffix);
    else if (ckWARN(WARN_TAINT))
        Perl_warner(aTHX_ packWARN(WARN_TAINT), f, s, suffix);
}
68
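/*
 * Perl_taint_env: refuse, under taint checks, to pass a dangerous
 * environment on to a subprocess.  Every offending variable is reported
 * through taint_proper(), so each hit is a croak or -- with PL_unsafe or
 * PL_taint_warn -- a WARN_TAINT warning.
 *
 * Checked:
 *   - $ENV{PATH}: tainted, or flagged by its envelem magic as holding an
 *     insecure directory (MgTAINTEDDIR; the flag itself is set elsewhere)
 *   - VMS only: DCL$PATH and the DCL$PATH;1, DCL$PATH;2, ... search list,
 *     with the same two tests
 *   - non-VMS: a tainted $ENV{TERM} is tolerated as long as its first
 *     character satisfies isALNUM() and every later character satisfies
 *     isALNUM() or is one of "-_.+"; anything else (including an embedded
 *     NUL byte) is reported
 *   - IFS, CDPATH, ENV, BASH_ENV: reported if tainted, since a spawned
 *     shell honours them before it runs the command
 *
 * Returns without doing anything if there is no %ENV (PL_envgv is NULL).
 */
void
Perl_taint_env(pTHX)
{
    SV** svp;
    MAGIC* mg;
    const char * const *var;
    /* Variables a spawned shell reads at startup, so a tainted value here
     * can change what an otherwise innocent command does. */
    static const char * const misc_env[] = {
        "IFS",          /* most shells' inter-field separators */
        "CDPATH",       /* ksh dain bramage #1 */
        "ENV",          /* ksh dain bramage #2 */
        "BASH_ENV",     /* bash dain bramage -- I guess it's contagious */
        NULL
    };

    if (!PL_envgv)
        return;

#ifdef VMS
    {
    int i = 0;
    /* Room for "DCL$PATH;" (9 bytes), the decimal digits of an int (assumed
     * to be what TYPE_DIGITS(int) yields) and the terminating NUL. */
    char name[10 + TYPE_DIGITS(int)] = "DCL$PATH";

    /* Walk DCL$PATH, DCL$PATH;1, DCL$PATH;2, ... until one is missing. */
    while (1) {
        if (i)
            (void)sprintf(name,"DCL$PATH;%d", i);
        svp = hv_fetch(GvHVn(PL_envgv), name, strlen(name), FALSE);
        if (!svp || !*svp || *svp == &PL_sv_undef)
            break;
        if (SvTAINTED(*svp)) {
            TAINT;
            taint_proper("Insecure %s%s", "$ENV{DCL$PATH}");
        }
        if ((mg = mg_find(*svp, PERL_MAGIC_envelem)) && MgTAINTEDDIR(mg)) {
            TAINT;
            taint_proper("Insecure directory in %s%s", "$ENV{DCL$PATH}");
        }
        i++;
    }
  }
#endif /* VMS */

    svp = hv_fetch(GvHVn(PL_envgv),"PATH",4,FALSE);
    if (svp && *svp) {
        if (SvTAINTED(*svp)) {
            TAINT;
            taint_proper("Insecure %s%s", "$ENV{PATH}");
        }
        /* Even an untainted PATH is rejected if the %ENV magic has marked
         * one of its directories as insecure. */
        if ((mg = mg_find(*svp, PERL_MAGIC_envelem)) && MgTAINTEDDIR(mg)) {
            TAINT;
            taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
        }
    }

#ifndef VMS
    /* tainted $TERM is okay if it contains no metachars */
    svp = hv_fetch(GvHVn(PL_envgv),"TERM",4,FALSE);
    if (svp && *svp && SvTAINTED(*svp)) {
        STRLEN len;
        bool was_tainted = PL_tainted;
        const char *t = SvPV(*svp, len);
        /* Named 'end' rather than 'e': the original shadowed the misc_env
         * cursor declared at function scope. */
        const char *end = t + len;
        /* Fetching the PV of a tainted SV may have changed PL_tainted;
         * restore it so only a genuine violation below sets TAINT. */
        PL_tainted = was_tainted;
        /* The first character must be a word character (presumably so the
         * value cannot start with '-' and resemble an option). */
        if (t < end && isALNUM(*t))
            t++;
        /* strchr("-_.+", c) also matches c == '\0' -- the terminator of the
         * literal -- so an embedded NUL must be rejected explicitly rather
         * than silently accepted as a safe character. */
        while (t < end && (isALNUM(*t) || (*t != '\0' && strchr("-_.+", *t))))
            t++;
        if (t < end) {
            TAINT;
            taint_proper("Insecure $ENV{%s}%s", "TERM");
        }
    }
#endif /* !VMS */

    for (var = misc_env; *var; var++) {
        svp = hv_fetch(GvHVn(PL_envgv), *var, strlen(*var), FALSE);
        /* Guard *svp as the PATH check does before dereferencing it. */
        if (svp && *svp && *svp != &PL_sv_undef && SvTAINTED(*svp)) {
            TAINT;
            taint_proper("Insecure $ENV{%s}%s", *var);
        }
    }
}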